LISTING OF THE CLAIMS 



The following listing of claims will replace all prior versions, and listings, of 
claims in the application. 

1 . (previously presented) A method comprising: 

populating a directory with entries for each of a plurality of users of a multi-user 
computing environment, wherein each entry in the directory comprises a 
user ID and one or more group names, wherein each of the one or more 
group names corresponds to a group to which the user ID belongs, and 
wherein at least one of the entries in the directory comprises a first group 
name of the one or more group names; 

determining a first group access control list for the first group name, wherein the 
first group access control list comprises the user IDs of users whose 
entries comprise the first group name, and wherein the first group access 
control list is stored outside of the directory; 

for each data source in the multi-user computing environment which permits 
access by the first group name, granting access to the respective data 
source to the users in the first group access control list. 

2. (original) The method of claim 1, 

wherein each entry in the directory comprises a user password; and 
wherein the method further comprises authenticating each user ID using the 
associated user password. 

3. (original) The method of claim 1, 

wherein each entry in the directory comprises zero, one, or a plurality of 
hostnames; 

wherein the directory comprises a first hostname; and 
wherein the method further comprises: 
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for each data source in the multi-user computing environment which 
permits access by the first hostname, granting access to the data 
source to the one or more users whose directory entries comprise 
the first hostname and who are seeking access from the host 
having the first hostname. 

4. (original) The method of claim 1 , 

wherein the data source comprises a file or a directory in a file system coupled to 
the multi-user computing environment. 

5. (original) The method of claim 1, 

wherein the access comprises read access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to read the data source. 

6. (original) The method of claim 1, 

wherein the access comprises write access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to write to the data source. 

7. (original) The method of claim 1, 

wherein the access comprises execute access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to execute the data source. 

8. (original) The method of claim 1, 

for each data source in the multi-user computing environment which permits 
access by the first group name and owner but denies access to others, 
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denying access to the data source to users who are not in the first group 
access control list and who are not the owner of the data source. 

(original) The method of claim 1, 

wherein the multi-user computing environment comprises a UNIX-based 
operating system. 

(previously presented) A system comprising: 

a file system which comprises one or more data sources including a first data 
source; 

a directory server which is configured to store a plurality of entries in a directory 
for a plurality of users, wherein each entry comprises a user ID and one or 
more group names which denote groups to which the user ID belongs, 
wherein at least one of the entries comprises a first group name of the one 
or more group names; and 

a first group access control list which is generated from the entries, wherein the 
first group access control list is stored in the file system outside of the 
directory server, wherein the first group access control list comprises the at 
least one user IDs belonging to the first group name, and wherein the first 
group access control list is usable to permit access to the first data source 
to user IDs belonging to the first group name. 

(original) The system of claim 10, 

wherein each entry in the directory comprises a user password, wherein the user 
password is usable to authenticate the corresponding user ID for access to 
the one or more data sources. 

(original) The system of claim 10, further comprising: 

a host computer system coupled to the file system; 
wherein each entry in the directory comprises zero, one, or a plurality of host 

names such that the directory server comprises a first host name 



corresponding to the host computer system, and wherein access is granted 
to the first data sources to users seeking access from the host computer 
system. 

1 3 . (original) The system of claim 1 0, 

wherein the access to the first data source comprises read access. 

14. (original) The system of claim 10, 

wherein the access to the first data source comprises write access. 

15. (original) The system of claim 10, 

wherein the access to the first data source comprises execute access. 

16. (original) The system of claim 10, further comprising: 

an operating system which is operable to restrict user access to the data sources in 
the file system. 

17. v (previously presented) A carrier medium comprising program instructions which 
are computer-executable to implement: 

populating a directory with entries for each of a plurality of users of a multi-user 
computing environment, wherein each entry in the directory comprises a 
user ID and one or more group names, wherein each of the one or more 
group names corresponds to a group to which the user ID belongs, and 
wherein at least one of the entries in the directory comprises a first group 
name of the one or more group names; 

determining a first group access control list for the first group name, wherein the 
first group access control list comprises the user IDs of users whose 
entries comprise the first group name, and wherein the first group access 
control list is stored outside of the directory; 
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for each data source in the multi-user computing environment which permits 
access by the first group name, granting access to the respective data 
source to the users in the first group access control list. 

(original) The carrier medium of claim 17, 

wherein each entry in the directory comprises a user password; and 
wherein the program instructions are further computer-executable to implement 
authenticating each user ID using the associated user password. 

(original) The carrier medium of claim 17, 

wherein each entry in the directory comprises zero, one, or a plurality of 
hostnames; 

wherein the directory comprises a first hostname; and 

wherein the program instructions are further computer-executable to implement : 
for each data source in the multi-user computing environment which 
permits access by the first hostname, granting access to the data 
source to the one or more users whose entries comprise the first 
hostname and who are seeking access from the host having the 
first hostname. 

(original) The carrier medium of claim 17, 

wherein the data source comprises a file or a directory in a file system coupled to 
the multi-user computing environment. 

(original) The carrier medium of claim 17, 
wherein the access comprises read access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to read the data source. 

(original) The carrier medium of claim 17, 
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wherein the access comprises write access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to write to the data source. 

23. (original) The carrier medium of claim 17, 
wherein the access comprises execute access; and 

wherein the granting access to the data source to the users in the first group access 
control list comprises permitting the users in the first group access control 
list to execute the data source. 

24. (original) The carrier medium of claim 17, wherein the program instructions are 
further computer-executable to implement: 

for each data source in the multi-user computing environment which permits 
access by the first group name and owner but denies access to others, 
denying access to the data source to users who are not in the first group 
access control list and who are not the owner of the data source. 

25. (original) The carrier medium of claim 17, 

wherein the multi-user computing environment comprises a UNIX-based 
operating system. 
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